Juniper JunosE Malformed ICMP Remote DoS (JSA10651)

High Nessus Plugin ID 78422


The remote host is affected by a denial of service vulnerability.


According to its version, the remote Juniper E-Series device is potentially affected by a denial of service vulnerability. This issue is caused by improper processing of malformed ICMP packets into the log format for 'icmpTraffic' logging when 'DEBUG' severity is selected.

Note that devices with logging severities below 'DEBUG' are not affected.


Upgrade to JunosE version 13.3.3p0-1 / 14.3.2 / 15.1.0 or later.

See Also

Plugin Details

Severity: High

ID: 78422

File Name: juniper_jsa10651.nasl

Version: $Revision: 1.4 $

Type: local

Family: Misc.

Published: 2014/10/14

Modified: 2017/05/16

Dependencies: 12634

Risk Information

Risk Factor: High


Base Score: 7.1

Temporal Score: 6.2

Vector: CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:C

Temporal Vector: CVSS2#E:ND/RL:OF/RC:C

Vulnerability Information

CPE: cpe:/o:juniper:junose

Required KB Items: Settings/ParanoidReport, Host/JunosE/version

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2014/09/12

Vulnerability Publication Date: 2014/10/08

Reference Information

CVE: CVE-2014-6377

BID: 70368

OSVDB: 113077

IAVA: 2015-A-0313

JSA: JSA10651